MiSec Jackson April 2015 Meetup

Jim Beechey (@jim_beechey) will be speaking on “Communicating Up The Stack: Layers 8, 9 and beyond” at 7pm on April 14th.

Abstract: “Genius is the ability to put into effect what is on your mind” F. Scott Fitzgerald.  Our industry, Information Security, is filled with brilliant people.  However, one of our biggest challenges is our ability to communicate properly within our organizations.  This talk is aimed at technical professionals and will provide concrete examples for rapidly improving communication up the chain of command with the goal of having more impact on your organizations security posture.

Location:
Consumers Energy
One Energy Plaza
Jackson, MI 49201

Please use the parking structure off of the Francis Street.
one-energy

MiSec Jackson Social Night – March 2015

Come join some of the MiSec Jackson crew as we take over a few tables at the Night Light on March 31st at 6pm.

Hang out, talk tech, random ideas and enjoy some food and drinks. (Pay your own way.).

Location:
Night Light
145 W Pearl St
Jackson, MI 49201

Ping Kyle Andrus (@chaoticflaws) or Matt Johnson (@mwjcomputing) for more information.

MiSec Southfield Meetup March 2015

Nerdy Beardo will be presenting “Defense in Depth with AOP” for our quarterly OWASP Detroit meeting.

Web application security has never been harder. Our adversary is cunning and clever, and with software becoming more and more complex its harder than ever to ensure security. This presentation is about using Aspect Oriented Programming to help organize our code in a way that makes implementing security practices easier, centrally maintained and helps to bring security to the forefront of the software development process. Our aim is to slow or stop our attackers on multiple levels using AOP as our mechanism for achieving this. Code for this talk will be in C# with PostSharp however the concepts can be applied to virtually any programming language or AOP tool.

Thursday, March 12th, 7 pm
300 Galleria Officentre, Suite 103
Southfield, MI 48034

MiSec Jackson March 2015 Meetup

Steve Motts (@Fugawi72) is presenting “Excuse me while I BURP” at 7pm on March 10th.

While it is customary in some societies to excuse yourself when expelling a gaseous mixture, sometimes burping has its advantages and needs no apology. This talk will introduce Burp Suite (interception proxy) and how it can help to expel technical web flaws (non-gaseous). It will contain an overview of the tool and demonstrate some key features against sample vulnerable web applications.

 

NOTE: We are at a new location starting in March. We would like to thank Spring Arbor University for helping get MiSec Jackson off the ground. 

Location:
Consumers Energy
One Energy Plaza
Jackson, MI 49201

Please use the parking structure off of the Francis Street.
one-energy

MiSec Jackson February 2015 Meetup

Owen Creger is presenting: A Strategic Shift in Information Security.

The information security community has for a long time been using the medieval strategy of building castles to secure territory; better known as defense in depth. The strategy of defense in depth, while still very effective, does have its weaknesses. The digital arena is very fluid environment, and adversaries have adapted their strategies to deal with defense in depth. It is the age old problem of “If you build a better mouse trap, you end up with smarter mice.”

A new reality in information security has developed that it is now a matter of when, not if an organization is breached. This new reality compels an information security organization to search for new strategies to deal with an evolved adversary. Many organizations are now adopting contemporary military strategic thinking to help them address these new threats. Lockheed Martin was the first organization to start the move towards adopting contemporary military strategic thinking, with their paper on the Cyber Kill Chain. Other organizations has further adopted other current military strategies including those of Operational Security (OPSEC), Terrain and Plane, Intelligence, and the OODA Loop. This presentation will discuss these contemporary military strategies and how they can be implemented in the digital realm.

Tuesday, February 10th, 7pm
Spring Arbor University
113 West Michigan Ave, Suite 201
Jackson, MI 49201

MiSec Royal Oak Meetup January 2015

Ron Ulko will be presenting on Recon with Elastic Search, how to protect an organization by scouring the Web and Internet for intellectual property and signs of coming attack.

Important: Beginning in January, our #misec Southfield meet-ups will be hosted at Liberty Center One. Stay tuned as we expect to do one more venue change in 2015.

Thursday, January 15th @ 7 pm
Liberty Center One
4815 Delemere Ave
Royal Oak, MI 48073

A sneak peak at what is to come:

  • February Royal Oak: Owen Creger on Incident Management
  • March Royal Oak: OWASP Detroit

 

MiSec Jackson Meetup January 2015

It is official. The launch of MiSec Jackson on January 13th, 2015 at 7pm!

We will be kicking off the meeting with a quick intro into MiSec and then we will have MiSec Jackson’s first speaker.

Kyle Andrus will be speaking on Basic Windows Computer Forensics.

Basic Windows Computer Forensics – This talk will be targeted towards individuals interested in learning some of the basics of Windows Computer Forensics. We’ll cover some of the details that can be pulled out of the registry, disk, and memory of machine running Windows. The talk will also touch on some of the tricks used to identify malicious running processes. If you have ever been interested in computer forensics and how it may differ than CSI computer forensics then this talk is for you!

Tuesday, January 13th, 2015 from 7pm – 9pm
Spring Arbor University – Jackson (Downtown) site
13 W. Michigan Ave.
Suite 201
Jackson, MI 49201

If you have any questions about the meetup, email info@michsec.org or ping @mwjcomputing and @chaoticflaws on twitter.

MiSec Southfield Meetup December 2014

OWASP Detroit featuring Kevin Poniatowski. Kevin’s providing us two related talks for this quarter’s OWASP meeting.

Dispel the Illusion, Change the Behavior. Tired of repeating a pen test on a customer’s application and finding that they haven’t fixed any of the critical vulns that were found six months previously? Wondering why developers continue to churn out highly insecure code despite the daily news reports of data breaches? Frustrated with management’s lack of urgency when told about their insecure systems? Security isn’t just a technical problem, it’s also a psychological problem. Developers and management are often working within an illusion of safety which influences how they create their applications. Let’s talk about how to dispel the illusion of security and replace it with a reality that encourages everyone to behave much more cautiously within their work environment.

If My CI/CD Team has Time for Security, So Does Yours. Software development is speeding up; Waterfall to Agile to Continuous Integration to Continuous Deployment. Do we still have time for security? I say “Heck Ya!”

Thursday, December 11th, 7 pm to 9 pm
First Center Building
26911 Northwestern Highway
Southfield, Michigan 48033

A sneak peak at what is to come:

  • January 13th Jackson: Inaugural meeting!
  • January 15th Royal Oak: Ron Ulko on Recon with Elastic Search
  • February Royal Oak: Owen Creger on Incident Management
  • March Royal Oak: OWASP Detroit

Important: We are returning to our roots, going back to the future, and having deja vu all over again. That’s right. Beginning in January, our #misec Southfield meet-ups will be hosted at Liberty Center One. Again. Stay tuned as we expect to do one more venue change in 2015.

Thursday, January 15th
Liberty Center One
4815 Delemere Ave
Royal Oak, MI 48073

Capture the Flag – RuCTFe 2014

We’re happy to announce the official date for #misec RuCTFE 2014 – those who are interested should plan on spending December 20th, 2014 with their fellow #misec teammates!

This year, to answer your feedback on what you would like to see out of the game, we have broken the signup into two groups:

  • Folks who want to participate on the #misec team to learn and practice new skills while competing in the game
  • Folks who want to participate on the #misec team to use their existing knowledge and skills to compete in the game

Those who are interested should grab a ticket at one of the links below:

#misec RuCTFE 2014 – In it to learn it (and win it)!
https://www.eventbrite.com/e/misec-ructfe-2014-in-it-to-learn-it-and-win-it-tickets-14070612581

#misec RuCTFE 2014 – In it to win it!
https://www.eventbrite.com/e/misec-ructfe-2014-in-it-to-win-it-tickets-14070632641

We’ll be arranging the first round of organizer calls, as well as putting out our request for leadership/mentoring volunteers in the coming weeks!

Hope to see you there!

— ZenM0de and J3remy

MiSec Meetup November 2014

Ramie Phillips III is presenting on Heartbleed.

Heartbleed is the nickname of a security bug found in OpenSSL in April 2014. See an analysis of the actual source code that caused the bug and view a demonstration on how to find and exploit it. Investigate the business and technical issues that allowed this to happen and be so widespread. Finally, we will discuss what we can learn from this bug.

Ramie possesses many industry certifications and has over 20 years experience in computing systems, programming, and business. He got his start working at a help desk and quickly moved to server and network engineering. During a few year stretch as an instructor, he trained hundreds of systems engineers. Ramie has engineered, installed, and secured network systems in financial, military, healthcare, and manufacturing businesses. He has developed commercial security software for the medical and military industries. Ramie has owned multiple successful businesses and controlled multi-million dollar budgets. Among his many endeavors, Ramie is currently serving as a Senior Security Architect for a Fortune Top 10 Company and working on securing the systems of the future.

Thursday, November 13th, 7-9 pm

First Center Building
26911 Northwestern Highway
Southfield, MI 48033

A sneak peak at what is to come:

  • December: OWASP Detroit with Kevin Poniatowski
Return top

About MichSec.org

We are a collective of Michigan based information security professionals (or maybe just people interested in security) looking to share knowledge and make the world a safer place.